Privacy FAQs

What is POPIA?

The Protection of Personal Information Act 4 of 2013 (POPIA) is the data protection legislation enacted in South Africa to enhance the Constitutional right to privacy.

It safeguards personal information processed by public and private bodies.

It sets out eight conditions for the processing of personal information of natural and juristic persons by responsible parties (such as Discovery Health Medical Scheme and companies in the Discovery Group).

What is defined as personal information?

Personal information is information relating to an identifiable, living, natural person or existing juristic person. It is information that relates to (among others) their:

Race, gender, sex, marital status, sexual orientation, age
Physical, mental, spiritual, economic, cultural or social identity
Health
Educational or financial history
Identifying numbers and addresses
Biometric details.

The eight conditions for lawful processing of personal information

Accountability: Discovery must be accountable for the personal information it processes or holds in its possession.
Processing limitation: We must process personal information in a lawful and reasonable manner. The purpose for processing the information must be lawful, adequate, relevant and not excessive.
Purpose specification: The purpose for processing personal information must be specific, explicitly defined and lawful.
Further processing limitation: The reason for processing personal information also must be compatible with the original purpose of collection.
Information quality: We must take practicable steps to make sure the personal information we process is complete, accurate, not misleading and updated.
Openness: We must process personal information in a way that lets the client or stakeholder know what is happening to their personal information.
Security safeguards: We must make sure sufficient security safeguards are in place to secure the integrity and confidentiality of the personal information in our possession or under our control.
Data subject participation: Our clients and stakeholders (data subjects) have a right to access to their personal information and to correct and update their personal information.

What is Discovery's privacy promise?

We promise:

To keep your personal information safe and private.
Not to sell your personal information.
To give you ways to manage and review your marketing choices at any time.
To give you ways to exercise your rights.

What do we use your personal information for?

To serve you as a client

To manage our relationship with you or your business
To develop and carry out marketing activities
To study how our clients use our products and services
To communicate with you about our products and services
To develop and manage our brands, products and services

To improve our business and products

To deliver our products and services
To make and manage client payouts
To manage fees, charges and interest due on client accounts
To collect and recover money that is owed to us
To manage and provide treasury and investment products and services

To manage security, risk and crime prevention

To detect, investigate, report and seek to prevent financial crime
To manage risk for us and our clients
To obey laws and regulations that apply to us
To respond to complaints and seek to resolve them

To manage our business

To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, adding, and testing systems and processes, managing communications, corporate governance and audits
To exercise our rights set out in agreements or contracts

For more information, see our privacy statements on our Privacy page.

How does Discovery keep my information secure?

Keeping your digital information safe is our highest priority. We're constantly working to make sure that we apply the strongest security measures. We employ experts in data security to keep your information safe.

For more information on how to protect your information and not fall victim to fraud, scams, phishing and theft, visit our Security and fraud page.

Who does Discovery share my data with?

We only share your data with companies within the Discovery Group and with trusted third parties. For more information, see our privacy statements on our Privacy page.

How do the Discovery companies work together?

Companies within Discovery Ltd ("the Discovery Group"), as well as Discovery Health (Pty) Ltd as administrator of various schemes, share infrastructure, systems and technology to provide an innovative, consistent and safe experience across different channels and teams.

We also process information about you throughout the Discovery Group for administration and fraud prevention, and where applicable, for benefit and reward allocation.

For more information, see our privacy statements on our Privacy page.

How do I get a copy of the personal data that Discovery holds about me?

Complete the Request access to information form.

For more details, see the Discovery Access to Information Manual.

How can I opt out of receiving direct marketing?

Log in to the website to visit the Communication preferences page. That's where you can tell us which services you want to hear from and which ones to stop hearing from.

If you are not a Discovery client, visit this page to opt out from direct marketing.

Please note that once you opt out, you will not be informed about special offers and new products.

Why is Discovery making changes to the way we communicate?

We must make sure active control measures are in place to ensure that only people who are supposed to have access to personal information can access it. In other words, we are communicating personal information in a secure way. This includes:

Organisational measures, for example, that we use only a verified email or phone number when sending information, and
Technical measures such as PDF encryption and Secure Inboxes.
What does "PDF encryption" mean?

The acronym stands for "Portable Document Format". We will send emails that contain personal information (for example, cellphone number or ID number) as an encrypted document. This means that you will need a password to open the attached document to view the communication.
What is a "Secure Inbox"?

We will deliver all communications to an online document storage place called the "Secure Inbox" which will store all Discovery communication and is available to clients and financial advisers. You will need to log in to your profile on the website or mobile app to access your Secure Inbox.

How do I contact the Discovery Group Information Officer?

The Discovery Group Information Officer is Pieter van der Walt. You may contact him on privacy@discovery.co.za.

Get a personal loan in just a few taps.

Download the Discovery Bank app to apply.

Turn healthy habits into savings. Activate Personal Health Pathways and complete your recommended health action to earn up to R500 in your Personal Health Fund.

When life hits you with the unexpected, Discovery Gap Cover closes the gap.

Financially protect your life with R2 million life cover from R200 pm* and access award-winning** benefits and rewards today.

Get an enhanced boost of up to 25% to your retirement savings

Qualifying Discovery Bank clients can get Ð1,500 for getting a car insurance quote

Join gym this January and stand to win!

#Give2Move and donate your pre-loved running shoes.

Financially protect your life with R2 million life cover from R200 pm* and access award-winning** benefits and rewards today.

Privacy FAQS

Your session will expire in 60 seconds.

To secure your account you have been logged out